@jumpgroup/laravel-tools 3.3.0

package/src/local/setup.js

@@ -0,0 +1,398 @@
+import { existsSync, mkdirSync, readdirSync, readFileSync, writeFileSync, rmSync } from 'fs';
+import { join, resolve } from 'path';
+import { fileURLToPath } from 'url';
+import { parse } from 'dotenv';
+import { confirm, input } from '@inquirer/prompts';
+import { replaceSecrets, replaceFiles } from '@jumpgroup/secret-fetcher';
+
+import { checkIfEnvFilesExist } from '../utilities/utilities.js';
+import { executeCommand, executeCommandWithOutput, ensureCommandsAvailable } from '../utilities/command.js';
+import { setupAWS } from '../media.js';
+
+const __dirname = fileURLToPath(new URL('.', import.meta.url));
+const STUB_DIR = resolve(__dirname, '../../src/stub');
+
+const VALID_PHP_VERSIONS = ['php8.0', 'php8.1', 'php8.2', 'php8.3', 'php8.4'];
+const DEFAULT_PHP_VERSION = 'php8.4';
+const SECRET_FETCHER_ERROR = 'Secret fetcher non è inizializzato, contattare Giada o Andrea';
+
+const ensureSetupRepoPrerequisites = () => {
+  ensureCommandsAvailable([
+    {
+      command: 'docker',
+      args: ['compose', 'version'],
+      label: 'docker compose',
+      installHint: 'Installa Docker Desktop e verifica che `docker compose` funzioni dal terminale.',
+    },
+    {
+      command: 'mkcert',
+      args: ['-help'],
+      label: 'mkcert',
+      installHint: 'Installa mkcert ed esegui `mkcert -install` sulla tua macchina.',
+    },
+    {
+      command: 'sudo',
+      args: ['--version'],
+      label: 'sudo',
+      installHint: 'Il flusso locale richiede `sudo` per aggiornare `/etc/hosts` tramite `hostile`.',
+    },
+  ]);
+};
+
+const ensureSetupLaravelPrerequisites = () => {
+  ensureCommandsAvailable([
+    {
+      command: 'docker',
+      args: ['compose', 'version'],
+      label: 'docker compose',
+      installHint: 'Installa Docker Desktop e verifica che `docker compose` funzioni dal terminale.',
+    },
+  ]);
+};
+
+const ensureSecretFetcherExists = () => {
+  if (!existsSync('.secret-fetcher')) {
+    throw new Error(SECRET_FETCHER_ERROR);
+  }
+};
+
+const normalizeProjectName = (value) =>
+  value
+    .trim()
+    .toLowerCase()
+    .replace(/[_\s]+/g, '-')
+    .replace(/[^a-z0-9-]/g, '-')
+    .replace(/-+/g, '-')
+    .replace(/^-|-$/g, '');
+
+const readEnvExample = () => parse(readFileSync('.env.example'));
+
+const updateProjectIdentityInEnvExample = (appName) => {
+  const content = readFileSync('.env.example', 'utf8');
+  const hasAppName = /^APP_NAME=.*$/m.test(content);
+
+  if (!hasAppName) {
+    throw new Error('APP_NAME non trovato in .env.example');
+  }
+
+  const localUrl = `https://api.${appName}.test`;
+  let updatedContent = content.replace(/^APP_NAME=.*$/m, `APP_NAME=${appName}`);
+
+  if (/^APP_URL=.*$/m.test(updatedContent)) {
+    updatedContent = updatedContent.replace(/^APP_URL=.*$/m, `APP_URL=${localUrl}`);
+  }
+
+  if (/^ASSETS_URL=.*$/m.test(updatedContent)) {
+    updatedContent = updatedContent.replace(/^ASSETS_URL=.*$/m, `ASSETS_URL=${localUrl}`);
+  }
+
+  writeFileSync('.env.example', updatedContent);
+};
+
+const generateLocalCertificates = async (appName) => {
+  const certsDir = join(resolve('.'), 'docker', 'certs');
+  await executeCommand('mkcert', [
+    '-cert-file',
+    'site.test.pem',
+    '-key-file',
+    'site.key',
+    `api.${appName}.test`,
+    `mail.${appName}.test`,
+  ], { cwd: certsDir });
+};
+
+const runLaravelHealthCheck = async (appName) => {
+  try {
+    await executeCommandWithOutput('docker', ['exec', `${appName}-api`, 'php', 'artisan', 'about']);
+  } catch (error) {
+    throw new Error(`Health check Laravel fallito:\n${error.message}`);
+  }
+};
+
+const runNoFilamentRecovery = async (appName) => {
+  console.log('🛠️  Tentativo recovery dipendenze/caches (setup senza Filament)...');
+  await executeCommand('docker', ['exec', `${appName}-api`, 'composer', 'install', '--no-interaction']);
+  await executeCommand('docker', ['exec', `${appName}-api`, 'php', 'artisan', 'package:discover']);
+  await executeCommand('docker', ['exec', `${appName}-api`, 'php', 'artisan', 'storage:link']);
+  await executeCommand('docker', ['exec', `${appName}-api`, 'php', 'artisan', 'optimize:clear']);
+};
+
+export const setupProject = async () => {
+  checkIfEnvFilesExist();
+  ensureSecretFetcherExists();
+
+  const envExample = readEnvExample();
+  const currentAppName = envExample.APP_NAME;
+
+  if (!currentAppName) {
+    throw new Error('APP_NAME non trovato in .env.example');
+  }
+
+  const projectName = await input({
+    message: 'Nome progetto locale (usato per URL locale e naming Docker):',
+    default: currentAppName,
+    validate: (value) => {
+      if (!value.trim()) {
+        return 'Il nome progetto non puo\' essere vuoto.';
+      }
+
+      if (!normalizeProjectName(value)) {
+        return 'Il nome progetto deve contenere almeno un carattere valido.';
+      }
+
+      return true;
+    },
+  });
+
+  const normalizedAppName = normalizeProjectName(projectName);
+
+  if (normalizedAppName !== projectName.trim()) {
+    const shouldUseNormalizedName = await confirm({
+      message: `Il nome verra' salvato come slug locale "${normalizedAppName}". Confermi?`,
+      default: true,
+    });
+
+    if (!shouldUseNormalizedName) {
+      throw new Error('Operazione annullata. Inserisci un nome progetto gia\' compatibile con hostname e naming Docker.');
+    }
+  }
+
+  updateProjectIdentityInEnvExample(normalizedAppName);
+
+  const setupMedia = await confirm({
+    message: 'Configurare anche media stack AWS (S3 + CloudFront)?',
+    default: false,
+  });
+
+  if (setupMedia) {
+    console.log('☁️  Avvio setup media AWS...');
+    await setupAWS(normalizedAppName, { updateEnvExample: true });
+  } else {
+    console.log('⏭️  Setup media AWS saltato (puoi eseguirlo dopo con `laravel-tools media setup-general`).');
+  }
+
+  console.log(`📛 Nome progetto locale impostato su: ${normalizedAppName}`);
+  console.log('\n✅ Setup progetto completato!');
+  console.log('   Prossimi passi:');
+  console.log('   1. yarn repo-setup');
+  console.log('   2. yarn start');
+  console.log('   3. yarn setup-laravel\n');
+};
+
+// ---------------------------------------------------------------------------
+// local setup-repo
+//
+// Flow:
+//   1. Assert .env.example exists
+//   2. Assert local prerequisites exist
+//   3. Assert .secret-fetcher exists
+//   4. Inject secrets from .env.example → .env
+//   5. Copy stub files to project root, substituting ${VAR} tokens
+//   6. Create docker/certs/ directory
+//   7. Generate mkcert SSL certificates for {APP_NAME}.test and mail.{APP_NAME}.test
+//      directly as site.test.pem / site.key
+//   8. Add {APP_NAME}.test and mail.{APP_NAME}.test to /etc/hosts
+// ---------------------------------------------------------------------------
+export const setupRepo = async (options = {}) => {
+  checkIfEnvFilesExist();
+  ensureSetupRepoPrerequisites();
+  ensureSecretFetcherExists();
+
+  const phpVersion = options.phpversion || DEFAULT_PHP_VERSION;
+  if (!VALID_PHP_VERSIONS.includes(phpVersion)) {
+    throw new Error(
+      `Versione PHP '${phpVersion}' non supportata. Valori ammessi: ${VALID_PHP_VERSIONS.join(', ')}`
+    );
+  }
+
+  console.log('🔐 Generazione di .env tramite secret fetcher...');
+  await replaceSecrets({ input: '.env.example', output: '.env' });
+
+  const env = parse(readFileSync('.env'));
+  const appName = env.APP_NAME;
+  const resolvedEnv = {
+    ...env,
+    DB_DATABASE: env.DB_DATABASE || env.DB_NAME,
+    DB_NAME: env.DB_NAME || env.DB_DATABASE,
+  };
+
+  if (!appName) {
+    throw new Error('APP_NAME non trovato in .env. Verifica .env.example e la configurazione di secret fetcher.');
+  }
+
+  console.log(`📋 Progetto locale: ${appName} (${phpVersion})`);
+
+  console.log('📁 Copia degli stub Docker e Traefik...');
+  await replaceFiles(`${STUB_DIR}/**`, `${resolve('.')}/`, resolvedEnv);
+
+  // If a non-default PHP version is requested, overwrite docker-compose.yml
+  if (phpVersion !== DEFAULT_PHP_VERSION) {
+    const src = join(STUB_DIR, 'docker-compose', phpVersion, 'docker-compose.yml');
+    const content = readFileSync(src, 'utf8').replace(
+      /\$\{([^}]+)\}/g,
+      (_, key) => resolvedEnv[key] ?? `\${${key}}`
+    );
+    writeFileSync(join(resolve('.'), 'docker-compose.yml'), content);
+  }
+
+  // Remove the docker-compose/ version subfolder — it's internal to laravel-tools
+  const versionDir = join(resolve('.'), 'docker-compose');
+  if (existsSync(versionDir)) {
+    rmSync(versionDir, { recursive: true, force: true });
+  }
+
+  // Ensure mysql/ and docker/certs/ are gitignored
+  const gitignorePath = join(resolve('.'), '.gitignore');
+  const gitignoreEntries = ['mysql/', 'docker/certs/'];
+  const gitignoreContent = existsSync(gitignorePath) ? readFileSync(gitignorePath, 'utf8') : '';
+  const missingEntries = gitignoreEntries.filter((entry) => !gitignoreContent.includes(entry));
+  if (missingEntries.length > 0) {
+    writeFileSync(gitignorePath, gitignoreContent + (gitignoreContent.endsWith('\n') ? '' : '\n') + missingEntries.join('\n') + '\n');
+    console.log(`📝 Aggiunte voci a .gitignore: ${missingEntries.join(', ')}`);
+  }
+
+  console.log('📁 Creazione della cartella docker/certs...');
+  mkdirSync(join('docker', 'certs'), { recursive: true });
+
+  console.log(`🔒 Generazione dei certificati SSL per api.${appName}.test e mail.${appName}.test...`);
+  await generateLocalCertificates(appName);
+
+  console.log(`🌐 Aggiornamento di /etc/hosts con api.${appName}.test e mail.${appName}.test...`);
+  await executeCommand('sudo', ['hostile', 'set', '127.0.0.1', `api.${appName}.test`]);
+  await executeCommand('sudo', ['hostile', 'set', '127.0.0.1', `mail.${appName}.test`]);
+
+  console.log('📦 Installazione delle dipendenze PHP...');
+  await executeCommand('composer', ['install']);
+
+  console.log(`\n✅ Repo setup completo!`);
+  console.log('   Prossimi passi:');
+  console.log('   1. yarn start');
+  console.log('   2. yarn setup-laravel\n');
+};
+
+// ---------------------------------------------------------------------------
+// local user add
+// ---------------------------------------------------------------------------
+export const addUser = async () => {
+  if (!existsSync('.env')) {
+    throw new Error('.env non trovato. Completa prima il setup del progetto.');
+  }
+
+  const env = parse(readFileSync('.env'));
+  const appName = env.APP_NAME;
+
+  try {
+    await executeCommand('docker', ['exec', `${appName}-api`, 'php', 'artisan', '--version'], {
+      stdio: 'pipe',
+    });
+  } catch {
+    throw new Error(
+      `Il container ${appName}-api non e' in esecuzione. Avvia lo stack con: yarn start`
+    );
+  }
+
+  await executeCommand('docker', ['exec', '-it', `${appName}-api`, 'php', 'artisan', 'make:filament-user']);
+};
+
+// ---------------------------------------------------------------------------
+// local setup-laravel
+//
+// Flow:
+//   1. Assert .env exists (after setup-project + setup-repo)
+//   2. Check if Laravel is already initialised (APP_KEY set)
+//   3. Generate app key
+//   4. Run migrations (+ optional seed)
+// ---------------------------------------------------------------------------
+export const setupLaravel = async () => {
+  if (!existsSync('.env')) {
+    throw new Error(
+      '.env non trovato. Completa prima `laravel-tools local setup-project` e poi `yarn repo-setup`.'
+    );
+  }
+
+  ensureSetupLaravelPrerequisites();
+
+  const env = parse(readFileSync('.env'));
+  const appName = env.APP_NAME;
+
+  // Check if the container is running
+  try {
+    await executeCommand('docker', ['exec', `${appName}-api`, 'php', 'artisan', '--version'], {
+      stdio: 'pipe',
+    });
+  } catch {
+    throw new Error(
+      `Il container ${appName}-api non e' in esecuzione. Avvia lo stack con: yarn start`
+    );
+  }
+
+  const installFilament = await confirm({ message: 'Installare Filament?', default: false });
+
+  if (env.APP_KEY && env.APP_KEY !== '') {
+    console.log('🔑 APP_KEY gia\' presente, salto key:generate.');
+  } else {
+    console.log('🔑 Generazione della chiave applicativa...');
+    await executeCommand('docker', ['exec', `${appName}-api`, 'php', 'artisan', 'key:generate']);
+  }
+
+  if (installFilament) {
+    console.log('📦 Installazione di Filament...');
+    await executeCommand('docker', ['exec', `${appName}-api`, 'composer', 'require', 'filament/filament:^3.2', '-W']);
+  }
+
+  const migrationsDir = join(resolve('.'), 'database', 'migrations');
+  const hasSessionsMigration = existsSync(migrationsDir) &&
+    readdirSync(migrationsDir).some((f) => f.includes('create_sessions_table'));
+
+  if (!hasSessionsMigration) {
+    console.log('📋 Generazione della tabella sessioni...');
+    await executeCommand('docker', ['exec', `${appName}-api`, 'php', 'artisan', 'session:table']);
+  }
+
+  console.log('🗄️  Esecuzione delle migration...');
+  await executeCommand('docker', ['exec', `${appName}-api`, 'php', 'artisan', 'migrate', '--graceful']);
+
+  if (installFilament) {
+    console.log('🎨 Configurazione di Filament...');
+    await executeCommand('docker', ['exec', `${appName}-api`, 'php', 'artisan', 'filament:install', '--panels', '--no-interaction']);
+    await executeCommand('docker', ['exec', `${appName}-api`, 'php', 'artisan', 'filament:assets']);
+  }
+
+  console.log('🧹 Pulizia cache Laravel...');
+  await executeCommand('docker', ['exec', `${appName}-api`, 'php', 'artisan', 'optimize:clear']);
+
+  try {
+    await runLaravelHealthCheck(appName);
+    console.log('✅ Bootstrap Laravel verificato.');
+  } catch (error) {
+    if (!installFilament) {
+      await runNoFilamentRecovery(appName);
+      try {
+        await runLaravelHealthCheck(appName);
+        console.log('✅ Bootstrap Laravel verificato dopo recovery.');
+      } catch (recoveryError) {
+        throw new Error(
+          'Bootstrap Laravel fallito anche dopo recovery senza Filament. ' +
+            'Controlla dipendenze Composer del progetto (Livewire/Filament) e rilancia.\n' +
+            recoveryError.message
+        );
+      }
+    } else {
+      throw new Error(
+        'Bootstrap Laravel fallito dopo installazione Filament. ' +
+          'Verifica che tutte le dipendenze Composer siano compatibili e rilancia.\n' +
+          error.message
+      );
+    }
+  }
+
+  const seed = await confirm({ message: 'Eseguire anche i seeder?', default: false });
+  if (seed) {
+    console.log('🌱 Esecuzione dei seeder...');
+    await executeCommand('docker', ['exec', `${appName}-api`, 'php', 'artisan', 'db:seed']);
+  }
+
+  console.log(`\n✅ Laravel setup completo!`);
+  console.log(`   Apri: https://api.${appName}.test`);
+  console.log(`   Mailpit: https://mail.${appName}.test\n`);
+};

package/src/media.js

@@ -0,0 +1,143 @@
+import { existsSync, readFileSync, writeFileSync } from 'fs';
+import yaml from 'js-yaml';
+import { addUpdateSecret } from '@jumpgroup/secret-fetcher';
+
+import { applyCloudFrontReadPolicy, createBucket } from './aws/bucket.js';
+import {
+  getDistributionByProjectTagStrict,
+  resolveOrCreateDistributionForProject,
+} from './aws/cloudfront.js';
+import { createIAMUser } from './aws/iam.js';
+import { getAppName } from './utilities/command.js';
+import { getAwsAccountId, getAwsRegion } from './aws/config.js';
+
+const setOrAppendEnvVar = (content, key, value) => {
+  const normalizedValue = String(value ?? '');
+  const regex = new RegExp(`^${key}=.*$`, 'm');
+  if (regex.test(content)) {
+    return content.replace(regex, `${key}=${normalizedValue}`);
+  }
+  return `${content}${content.endsWith('\n') ? '' : '\n'}${key}=${normalizedValue}\n`;
+};
+
+const writeMediaConfigToEnvExample = (mediaConfig) => {
+  if (!existsSync('.env.example')) {
+    return;
+  }
+
+  let content = readFileSync('.env.example', 'utf8');
+
+  const pairs = {
+    AWS_DEFAULT_REGION: mediaConfig.region,
+    AWS_BUCKET: mediaConfig.bucketName,
+    AWS_URL: `https://${mediaConfig.cloudfrontDomain}/`,
+    CLOUDFRONT_DISTRIBUTION_ID: mediaConfig.cloudfrontId,
+    CLOUDFRONT_DOMAIN: mediaConfig.cloudfrontDomain,
+    S3_SITE_BUCKET: mediaConfig.bucketName,
+    S3_UPLOADS_BUCKET_URL: `https://${mediaConfig.cloudfrontDomain}/`,
+  };
+
+  for (const [key, value] of Object.entries(pairs)) {
+    content = setOrAppendEnvVar(content, key, value);
+  }
+
+  writeFileSync('.env.example', content);
+  console.log('📝 Config media aggiornata in .env.example');
+};
+
+const pushMediaCredentialsToSecretFetcher = async (credentials) => {
+  if (!existsSync('.secret-fetcher')) {
+    return;
+  }
+
+  const note = yaml.dump(credentials);
+  await addUpdateSecret({ note, env: 'site' });
+  console.log('🔐 Credenziali media inviate a secret-fetcher (env=site)');
+};
+
+export const setupAWS = async (projectName, options = {}) => {
+  const resolvedProjectName = projectName || getAppName();
+  const region = getAwsRegion();
+  const dryRun = Boolean(options.dryRun);
+
+  console.log(`📦 Setup media stack per: ${resolvedProjectName}${dryRun ? ' [DRY-RUN]' : ''}`);
+  const bucket = await createBucket(resolvedProjectName, { dryRun });
+  const distribution = await resolveOrCreateDistributionForProject({
+    projectName: resolvedProjectName,
+    bucketName: bucket.name,
+    dryRun,
+  });
+  const accountId = await getAwsAccountId();
+
+  await applyCloudFrontReadPolicy({
+    bucketName: bucket.name,
+    distributionId: distribution.id,
+    accountId,
+    dryRun,
+  });
+
+  const credentials = await createIAMUser(resolvedProjectName, distribution.id, { dryRun });
+
+  const mediaConfig = {
+    region,
+    bucketName: bucket.name,
+    cloudfrontId: distribution.id,
+    cloudfrontDomain: distribution.domainName,
+    ...credentials,
+  };
+
+  if (options.updateEnvExample !== false && !dryRun) {
+    writeMediaConfigToEnvExample(mediaConfig);
+  } else if (dryRun) {
+    console.log('🧪 [dry-run] Skip update di .env.example');
+  }
+
+  if (!dryRun) {
+    await pushMediaCredentialsToSecretFetcher(credentials);
+  } else {
+    console.log('🧪 [dry-run] Skip push credenziali a secret-fetcher.');
+  }
+
+  console.log('✅ Media stack configurato.');
+  console.table([
+    {
+      bucket: mediaConfig.bucketName,
+      cloudfrontId: mediaConfig.cloudfrontId,
+      cloudfrontDomain: mediaConfig.cloudfrontDomain,
+    },
+  ]);
+
+  return mediaConfig;
+};
+
+export const setupIAM = async (projectName, cloudfrontId = null, options = {}) => {
+  const resolvedProjectName = projectName || getAppName();
+  const dryRun = Boolean(options.dryRun);
+  let resolvedCloudfrontId = cloudfrontId || null;
+
+  if (!resolvedCloudfrontId && !dryRun) {
+    const distribution = await getDistributionByProjectTagStrict(resolvedProjectName);
+    resolvedCloudfrontId = distribution?.id || null;
+  }
+
+  if (!resolvedCloudfrontId && dryRun) {
+    resolvedCloudfrontId = `DRYRUN-${resolvedProjectName}`;
+    console.log(
+      `🧪 [dry-run] Nessuna distribuzione risolta: uso CloudFront ID simulato ${resolvedCloudfrontId}`
+    );
+  }
+
+  const credentials = await createIAMUser(resolvedProjectName, resolvedCloudfrontId, { dryRun });
+  if (!dryRun) {
+    await pushMediaCredentialsToSecretFetcher(credentials);
+  } else {
+    console.log('🧪 [dry-run] Skip push credenziali a secret-fetcher.');
+  }
+
+  console.table([credentials]);
+  return credentials;
+};
+
+// Backward-compatible aliases (old laravel-tools naming).
+export const setupMediaStack = setupAWS;
+export const setupMediaIam = setupIAM;

package/src/stub/docker/mysql/my.cnf

@@ -0,0 +1,6 @@
+[mysqld]
+max_allowed_packet = 256M
+
+# Uncomment to log all queries (impacts performance)
+# general_log = 1
+# general_log_file=/var/lib/mysql/general.log

package/src/stub/docker/php/local.ini

@@ -0,0 +1,4 @@
+upload_max_filesize = 40M
+post_max_size = 40M
+max_execution_time = 180
+memory_limit = 3000M

package/src/stub/docker/traefik/dynamic_conf.yml

@@ -0,0 +1,4 @@
+tls:
+  certificates:
+  - certFile: "/etc/traefik/certs/site.test.pem"
+    keyFile: "/etc/traefik/certs/site.key"

package/src/stub/docker/traefik/traefik.yml

@@ -0,0 +1,24 @@
+## traefik.yml
+## Static configuration
+entryPoints:
+  http:
+    address: ":80"
+    http:
+      redirections:
+        entryPoint:
+          to: https
+          scheme: https
+  https:
+    address: ":443"
+# Docker configuration backend
+providers:
+  docker:
+    endpoint: "unix:///var/run/docker.sock"
+    network: api-network
+    exposedByDefault: false
+  file:
+    filename: /etc/traefik/dynamic_conf.yml
+# API and dashboard configuration
+api:
+  insecure: true
+  dashboard: true

package/src/stub/docker-compose/php8.0/docker-compose.yml

@@ -0,0 +1,78 @@
+services:
+  traefik:
+    image: "traefik:v3.6.11"
+    container_name: ${APP_NAME}-traefik
+    networks:
+      - api-network
+    ports:
+      - "80:80"
+      - "443:443"
+      - "8081:8080"
+    volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock:ro"
+      - ./docker/traefik/traefik.yml:/etc/traefik/traefik.yml
+      - ./docker/traefik/dynamic_conf.yml:/etc/traefik/dynamic_conf.yml
+      - ./docker/certs:/etc/traefik/certs
+
+  api:
+    image: jumpgroupit/laravel-image:0.2.2
+    container_name: ${APP_NAME}-api
+    command: "php artisan serve --host=0.0.0.0 --port 80"
+    restart: unless-stopped
+    environment:
+      SERVICE_NAME: app
+      SERVICE_TAGS: dev
+    working_dir: /var/www
+    volumes:
+      - ./:/var/www
+      - ./docker/php/local.ini:/usr/local/etc/php/conf.d/local.ini
+      - ./docker/certs:/etc/certs
+    networks:
+      api-network:
+        aliases:
+          - ${APP_NAME}.test
+    depends_on:
+      - db
+      - mailpit
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.app.entrypoints=http,https"
+      - "traefik.http.routers.app.rule=Host(`${APP_NAME}.test`)"
+      - "traefik.http.routers.app.tls=true"
+    ports:
+      - 8000:80
+
+  db:
+    image: mysql:8.4
+    container_name: ${APP_NAME}-mysql
+    restart: unless-stopped
+    ports:
+      - "3306:3306"
+    environment:
+      - MYSQL_DATABASE=${DB_DATABASE}
+      - MYSQL_ROOT_PASSWORD=${DB_PASSWORD}
+    volumes:
+      - ./docker/mysql/my.cnf:/etc/mysql/my.cnf
+      - ./docker/mysql/data:/var/lib/mysql:delegated
+    networks:
+      - api-network
+
+  mailpit:
+    image: axllent/mailpit:latest
+    container_name: ${APP_NAME}-mailpit
+    restart: unless-stopped
+    ports:
+      - "1025:1025"
+      - "8025:8025"
+    networks:
+      - api-network
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.mailpit.entrypoints=http,https"
+      - "traefik.http.routers.mailpit.rule=Host(`mail.${APP_NAME}.test`)"
+      - "traefik.http.routers.mailpit.tls=true"
+      - "traefik.http.services.mailpit.loadbalancer.server.port=8025"
+
+networks:
+  api-network:
+    driver: bridge